<?php

namespace app\admin\library;

use app\admin\model\Account;
use app\admin\model\Admin;
use app\admin\model\AdminBasicZoom;
use app\admin\model\AuthGroupAccessZoom;
use fast\Random;
use fast\Tree;
use think\Config;
use think\Cookie;
use think\Db;
use think\Hook;
use think\Request;
use think\Session;

class Auth extends \fast\Auth
{
    protected $_error = '';
    protected $requestUri = '';
    protected $breadcrumb = [];
    protected $logined = false; //登录状态

    public function __construct()
    {
        parent::__construct();
    }

    public function __get($name)
    {
        return Session::get('admin.' . $name);
    }

    /**
     * 管理员登录
     *
     * @param string $username 用户名
     * @param string $password 密码
     * @param int    $keeptime 有效时长
     * @return  boolean
     */
    public function login($username, $password, $admin_id,$keeptime = 0)
    {
        //$admin = Admin::get($admin_id);
        $admin = Admin::get(['id'=>$admin_id]);

        if (!$admin) {
            $this->setError('Username is incorrect');
            return false;
        }

        $admin_basic = AdminBasicZoom::get(['admin_id'=>$admin_id]);//用户基本信息表没有信息则插入
        if(!$admin_basic) {//
            //4 创建Zoom用户基本信息表
            $basic_admin['account_id'] = $admin->account_id;
            $basic_admin['admin_id'] = $admin_id;
            $basic_admin['serial'] = $admin->serial;
            $basic_admin['avatar'] = config('default_avatar');
            $basic_admin['ctime'] = time();
            $basic_admin['source'] = $admin->source;
            $basic_admin['joinip'] = request()->ip();
            $basic_admin['loginip'] = request()->ip();

            $admin_basic =  new AdminBasicZoom();//注册用户基本信息表
            $admin_basic_r = $admin_basic->save($basic_admin);
            if (!$admin_basic_r){
                $this->error('用户基本信息注册失败，请重试', null, ['token' => $this->request->token()]);
            }


            $map['uid'] = $admin_id;
            //  $map['group_id'] = AuthGroupAccessZoom::SPONSOR;
            $admin_count = Db::name('auth_group_access_zoom')
                ->where($map)
                ->count();

            if (!$admin_count){//当没有举办人的权限时加入举办的角色
                $aga_result = AuthGroupAccessZoom::create(['uid'=>$admin_id, 'group_id'=>AuthGroupAccessZoom::SPONSOR]);
                if ($aga_result === false) {
                    $this->error(model('AuthGroupAccessZoom')->getError());
                }
            }
            unset($map);
            unset($basic_admin);
        }


//        if (!$admin) {
//            $this->setError('Username is incorrect');
//            return false;
//        }
        if ($admin->status == 'hidden') {
            $this->setError('Admin is forbidden');
            return false;
        }
        if (Config::get('fastadmin.login_failure_retry') && $admin->loginfailure >= 10 && time() - $admin->updatetime < 86400) {
            $this->setError('Please try again after 1 day');
            return false;
        }
        if ($admin->password != md5(md5($password) . $admin->salt)) {
            $admin->loginfailure++;
            $admin->save();
            $this->setError('Password is incorrect');
            return false;
        }
        $admin->loginfailure = 0;
        $admin->logintime = time();
        $admin->loginip = request()->ip();

        // （account、admin）两表的token字段、user_token表的tokenbu字段 要保持一致
        $account = Session::pull('account');
        if ($account){
            $adminToken = $account['token'];
        }else{
            $adminToken = Random::uuid();
        }
        $admin->token_zoom = $adminToken;
        $admin->token = $adminToken;
        $admin->save();

        Session::set("admin", $admin->toArray());
        $this->keeplogin($keeptime);
        // 加入后台token记录
        $this->setToken($adminToken, $admin_id, 0);
        return true;
    }


    /**
     * 前台用户自动登录
     * @param $userToken
     * @return bool
     * @throws \think\Exception
     * @throws \think\db\exception\DataNotFoundException
     * @throws \think\db\exception\ModelNotFoundException
     * @throws \think\exception\DbException
     */
    public function userLogin($userToken)
    {
        $admin_id = Db::name('user_token')->where(['tokenbu' => $userToken])->value('user_id');
        if (!$admin_id){
            return false;
        }
        //$admin = Admin::get($admin_id);
        $admin = Admin::get(['id'=>$admin_id]);
        $admin_basic = AdminBasicZoom::get(['admin_id'=>$admin_id]);
        if(!$admin_basic) {//
            //4 创建Zoom用户基本信息表
            $basic_admin['account_id'] = $admin->account_id;
            $basic_admin['admin_id'] = $admin_id;
            $basic_admin['serial'] = $admin->serial;
            $basic_admin['avatar'] = config('default_avatar');
            $basic_admin['ctime'] = time();
            $basic_admin['source'] = $admin->source;
            $basic_admin['joinip'] = request()->ip();
            $basic_admin['loginip'] = request()->ip();
            $admin_basic =  new AdminBasicZoom();   //注册用户基本信息表
            $admin_basic_r = $admin_basic->save($basic_admin);

            $admin_count = Db::name('auth_group_access_zoom')->where(['uid'=>$admin_id])->count();
            if (!$admin_count){//当没有举办人的权限时加入举办的角色
                $aga_result = AuthGroupAccessZoom::create(['uid'=>$admin_id, 'group_id'=>AuthGroupAccessZoom::SPONSOR]);
                if ($aga_result === false) {
                    $this->error(model('AuthGroupAccessZoom')->getError());
                }
            }
            unset($basic_admin);
        }
        //改写后台token
        Db::name('admin')->where('id', $admin_id)->update(['token'=>$userToken, 'token_zoom'=>$userToken]);
        Db::name('account')->where('id', $admin->account_id)->update(['token'=>$userToken, 'token_zoom'=>$userToken]);
        Session::delete("admin");
        Cookie::delete("keeplogin");
        Session::set("admin", $admin->toArray());
        $this->keeplogin(1);
        return true;
    }

    /**
     * 存储Token
     * @param   string $token Token
     * @param   int $user_id 会员ID
     * @param   int $expire 过期时长,0表示无限,单位秒
     * @return bool
     */
    public function setToken($token, $user_id, $expire = null) {
        // $expiretime = !is_null($expire) && $expire !== 0 ? time() + $expire : 0;
        $encryptedToken = $this->getEncryptedToken($token);
        $check_token = Db::name('user_token')->where(['user_id'=>$user_id, 'expiretime'=>$expire])->field('user_id,expiretime')->find();
        if (empty($check_token)) {  //新增
            Db::name('user_token')->insert([
                'token'      => $encryptedToken,
                'user_id'    => $user_id,
                'createtime' => time(),
                'expiretime' => $expire,
                'tokenbu'    => $token      //与admin、account表的token保持一致
            ]);
        }/* else {  //更新
            Db::name('user_token')->where(['user_id'=>$user_id, 'expiretime'=>$expire])->update([
                'token'      => $encryptedToken,
                'user_id'    => $user_id,
                'createtime' => time(),
                'expiretime' => $expire,
                'tokenbu'    => $token      //与admin、account表的token保持一致
            ]);
        }*/
    }

    /**
     * 获取加密后的Token
     * @param string $token Token标识
     * @return string
     */
    protected function getEncryptedToken($token) {
        $config = \think\Config::get('token');
        return hash_hmac($config['hashalgo'], $token, $config['key']);
    }
    /**
     * 账号登录
     *
     * @param   string $username 用户名
     * @param   string $password 密码
     * @param   int $keeptime 有效时长
     * @return  boolean
     */
    public function accountLogin($username, $password, $keeptime = 0)
    {
        $account = Account::get(['mobile|username' => $username]);
        if (!$account) {
            $this->setError('Username is incorrect');
            return false;
        }
        if (Config::get('fastadmin.login_failure_retry') && $account->loginfailure >= 10 && time() - $account->updatetime < 300) {
            $this->setError('Please try again after 5 minute');
            return false;
        }
        if ($account->isOld == 1){
            if ($account->password != hash_pbkdf2("sha256", $password, $account->salt, 50000)) {
                $account->loginfailure++;
                $account->save();
                $this->setError('Password is incorrect');
                return false;
            }
        }else{
            if ((config('platform') == 'weihai') && ($account->source == 5)) {
                if ($account->password != md5($password . $account->salt)) {
                    $account->loginfailure++;
                    $account->save();
                    $this->setError('Password is incorrect');
                    return false;
                }
            }else{
                if ($account->password != md5(md5($password) . $account->salt)) {
                    $account->loginfailure++;
                    $account->save();
                    $this->setError('Password is incorrect');
                    return false;
                }
            }
        }

        $account->loginfailure = 0;
        $account->token_zoom = Random::uuid();
        $account->token = $account->token_zoom;
        $account->save();
        Session::set("account", $account->toArray());
        Session::push1('account', 'keeplogin', $keeptime);
        return true;
    }
    /**
     * 退出登录
     */
    public function logout()
    {
        //$admin = Admin::get(intval($this->id));
        $admin = Admin::get(['id'=>$this->id]);
        if ($admin) {
            //$admin->token = '';
            $admin->token_zoom = '';
            $admin->save();
        }
        $this->logined = false; //重置登录状态
        Session::delete("admin");
        Cookie::delete("keeplogin");
        return true;
    }

    /**
     * 自动登录
     * @return boolean
     */
    public function autologin()
    {
        $keeplogin = Cookie::get('keeplogin');
        if (!$keeplogin) {
            return false;
        }
        list($id, $keeptime, $expiretime, $key) = explode('|', $keeplogin);

        unset($id);
        $id = 1;
        if ($id && $keeptime && $expiretime && $key && $expiretime > time()) {
            //$admin = Admin::get($id);
            $admin = Admin::get(['id'=>$id]);
            if (!$admin || !$admin->token) {
                return false;
            }
            //token有变更
            if ($key != md5(md5($id) . md5($keeptime) . md5($expiretime) . $admin->token)) {
                return false;
            }
            $ip = request()->ip();
            //IP有变动
            if ($admin->loginip != $ip) {
                return false;
            }
            $admin = $admin->toArray();
            $admin['token'] = $admin['token_zoom'];
            Session::set("admin_info", $admin);
            //刷新自动登录的时效
            $this->keeplogin($keeptime);
            return true;
        } else {
            return false;
        }
    }

    /**
     * 刷新保持登录的Cookie
     *
     * @param int $keeptime
     * @return  boolean
     */
    protected function keeplogin($keeptime = 0)
    {
        if ($keeptime) {
            $expiretime = time() + $keeptime;
            $key = md5(md5($this->id) . md5($keeptime) . md5($expiretime) . $this->token);
            $data = [$this->id, $keeptime, $expiretime, $key];
            Cookie::set('keeplogin', implode('|', $data), 86400 * 30);
            return true;
        }
        return false;
    }

    public function check($name, $uid = '', $relation = 'or', $mode = 'url')
    {
        $uid = $uid ? $uid : $this->id;
        return parent::check($name, $uid, $relation, $mode);
    }

    /**
     * 检测当前控制器和方法是否匹配传递的数组
     *
     * @param array $arr 需要验证权限的数组
     * @return bool
     */
    public function match($arr = [])
    {
        $request = Request::instance();
        $arr = is_array($arr) ? $arr : explode(',', $arr);
        if (!$arr) {
            return false;
        }

        $arr = array_map('strtolower', $arr);
        // 是否存在
        if (in_array(strtolower($request->action()), $arr) || in_array('*', $arr)) {
            return true;
        }

        // 没找到匹配
        return false;
    }

    /**
     * 检测是否登录
     *
     * @return boolean
     */
    public function isLogin()
    {
        if ($this->logined) {
            return true;
        }
        $admin = Session::get('admin');
        if (!$admin) {
            return false;
        }

        //判断是否同一时间同一账号只能在一个地方登录
        if (Config::get('fastadmin.login_unique')) {
            //$my = Admin::get($admin['id']);
            $my= Admin::get(['id'=>$admin['id']]);
            //if (!$my || $my['token'] != $admin['token']) {
            if (!$my || $my['token'] != $admin['token_zoom']) {
                $this->logined = false; //重置登录状态
                Session::delete("admin");
                Cookie::delete("keeplogin");
                return false;
            }
        }
        //判断管理员IP是否变动
        if (Config::get('fastadmin.loginip_check')) {
            if (!isset($admin['loginip']) || $admin['loginip'] != request()->ip()) {
                $this->logout();
                return false;
            }
        }
        $this->logined = true;
        return true;
    }

    /**
     * 获取当前请求的URI
     * @return string
     */
    public function getRequestUri()
    {
        return $this->requestUri;
    }

    /**
     * 设置当前请求的URI
     * @param string $uri
     */
    public function setRequestUri($uri)
    {
        $this->requestUri = $uri;
    }

    public function getGroups($uid = null)
    {
        $uid = is_null($uid) ? $this->id : $uid;
        return parent::getGroups($uid);
    }

    public function getRuleList($uid = null)
    {
        $uid = is_null($uid) ? $this->id : $uid;
        return parent::getRuleList($uid);
    }

    public function getUserInfo($uid = null)
    {
        $uid = is_null($uid) ? $this->id : $uid;

        return $uid != $this->id ? Admin::get(['id'=>$uid]) : Session::get('admin');
    }

    public function getRuleIds($uid = null)
    {
        $uid = is_null($uid) ? $this->id : $uid;
        return parent::getRuleIds($uid);
    }

    public function isSuperAdmin()
    {
        return in_array('*', $this->getRuleIds()) ? true : false;
    }

    /**
     * 获取管理员所属于的分组ID
     * @param int $uid
     * @return array
     */
    public function getGroupIds($uid = null)
    {
        $groups = $this->getGroups($uid);
        $groupIds = [];
        foreach ($groups as $K => $v) {
            $groupIds[] = (int)$v['group_id'];
        }
        return $groupIds;
    }

    /**
     * 取出当前管理员所拥有权限的分组
     * @param boolean $withself 是否包含当前所在的分组
     * @return array
     */
    public function getChildrenGroupIds($withself = false)
    {
        //取出当前管理员所有的分组
        $groups = $this->getGroups();
        $groupIds = [];
        foreach ($groups as $k => $v) {
            $groupIds[] = $v['id'];
        }
        $originGroupIds = $groupIds;
        foreach ($groups as $k => $v) {
            if (in_array($v['pid'], $originGroupIds)) {
                $groupIds = array_diff($groupIds, [$v['id']]);
                unset($groups[$k]);
            }
        }
        // 取出所有分组
        $groupList = \app\admin\model\AuthGroupZoom::where(['status' => 'normal'])->select();
        $objList = [];
        foreach ($groups as $k => $v) {
            if ($v['rules'] === '*') {
                $objList = $groupList;
                break;
            }
            // 取出包含自己的所有子节点
            $childrenList = Tree::instance()->init($groupList)->getChildren($v['id'], true);
            $obj = Tree::instance()->init($childrenList)->getTreeArray($v['pid']);
            $objList = array_merge($objList, Tree::instance()->getTreeList($obj));
        }
        $childrenGroupIds = [];
        foreach ($objList as $k => $v) {
            $childrenGroupIds[] = $v['id'];
        }
        if (!$withself) {
            $childrenGroupIds = array_diff($childrenGroupIds, $groupIds);
        }
        return $childrenGroupIds;
    }

    /**
     * 取出当前管理员所拥有权限的管理员
     * @param boolean $withself 是否包含自身
     * @return array
     */
    public function getChildrenAdminIds($withself = false)
    {
        $childrenAdminIds = [];
        if (!$this->isSuperAdmin()) {
            $groupIds = $this->getChildrenGroupIds(false);
            $authGroupList = \app\admin\model\AuthGroupAccess::
            field('uid,group_id')
                ->where('group_id', 'in', $groupIds)
                ->select();
            foreach ($authGroupList as $k => $v) {
                $childrenAdminIds[] = $v['uid'];
            }
        } else {
            //超级管理员拥有所有人的权限
            $childrenAdminIds = Admin::column('id');
        }
        if ($withself) {
            if (!in_array($this->id, $childrenAdminIds)) {
                $childrenAdminIds[] = $this->id;
            }
        } else {
            $childrenAdminIds = array_diff($childrenAdminIds, [$this->id]);
        }
        return $childrenAdminIds;
    }

    /**
     * 获得面包屑导航
     * @param string $path
     * @return array
     */
    public function getBreadCrumb($path = '')
    {
        if ($this->breadcrumb || !$path) {
            return $this->breadcrumb;
        }
        $titleArr = [];
        $menuArr = [];
        $urlArr = explode('/', $path);
        foreach ($urlArr as $index => $item) {
            $pathArr[implode('/', array_slice($urlArr, 0, $index + 1))] = $index;
        }
        if (!$this->rules && $this->id) {
            $this->getRuleList();
        }
        foreach ($this->rules as $rule) {
            if (isset($pathArr[$rule['name']])) {
                $rule['title'] = __($rule['title']);
                $rule['url'] = url($rule['name']);
                $titleArr[$pathArr[$rule['name']]] = $rule['title'];
                $menuArr[$pathArr[$rule['name']]] = $rule;
            }

        }
        ksort($menuArr);
        $this->breadcrumb = $menuArr;
        return $this->breadcrumb;
    }

    /**
     * 获取左侧和顶部菜单栏
     *
     * @param array  $params    URL对应的badge数据
     * @param string $fixedPage 默认页
     * @return array
     */
    public function getSidebar($params = [], $fixedPage = 'dashboard')
    {
        // 边栏开始
        $where['source_tag'] = 0;//新加左侧栏条件
        $where1['source_tag'] = 2;
        Hook::listen("admin_sidebar_begin", $params);
        $colorArr = ['red', 'green', 'yellow', 'blue', 'teal', 'orange', 'purple'];
        $colorNums = count($colorArr);
        $badgeList = [];
        $module = request()->module();
        // 生成菜单的badge
        foreach ($params as $k => $v) {
            $url = $k;
            if (is_array($v)) {
                $nums = isset($v[0]) ? $v[0] : 0;
                $color = isset($v[1]) ? $v[1] : $colorArr[(is_numeric($nums) ? $nums : strlen($nums)) % $colorNums];
                $class = isset($v[2]) ? $v[2] : 'label';
            } else {
                $nums = $v;
                $color = $colorArr[(is_numeric($nums) ? $nums : strlen($nums)) % $colorNums];
                $class = 'label';
            }
            //必须nums大于0才显示
            if ($nums) {
                $badgeList[$url] = '<small class="' . $class . ' pull-right bg-' . $color . '">' . $nums . '</small>';
            }
        }

        // 读取管理员当前拥有的权限节点
        $userRule = $this->getRuleList();
        $selected = $referer = [];
        $refererUrl = Session::get('referer');
        $pinyin = new \Overtrue\Pinyin\Pinyin('Overtrue\Pinyin\MemoryFileDictLoader');
        // 必须将结果集转换为数组
        $ruleList = collection(\app\admin\model\AuthRuleZoom::where('status', 'normal')
            ->where('ismenu', 1)
            ->where($where)
            ->whereor($where1)
            ->order('weigh', 'desc')
            ->cache("__menu__")
            ->select())->toArray();
        $indexRuleList = \app\admin\model\AuthRuleZoom::where('status', 'normal')
            ->where('ismenu', 0)
            ->where('name', 'like', '%/index')
            ->where($where)
            ->whereor($where1)
            ->column('name,pid');
        $pidArr = array_filter(array_unique(array_map(function ($item) {
            return $item['pid'];
        }, $ruleList)));

        foreach ($ruleList as $k => &$v) {
            if (!in_array($v['name'], $userRule)) {
                unset($ruleList[$k]);
                continue;
            }
            $indexRuleName = $v['name'] . '/index';
            if (isset($indexRuleList[$indexRuleName]) && !in_array($indexRuleName, $userRule)) {
                unset($ruleList[$k]);
                continue;
            }
            $v['icon'] = $v['icon'] . ' fa-fw';
            $v['url'] = '/' . $module . '/' . $v['name'];
            $v['badge'] = isset($badgeList[$v['name']]) ? $badgeList[$v['name']] : '';
            $v['py'] = $pinyin->abbr($v['title'], '');
            $v['pinyin'] = $pinyin->permalink($v['title'], '');
            $v['title'] = __($v['title']);
            $selected = $v['name'] == $fixedPage ? $v : $selected;
            $referer = url($v['url']) == $refererUrl ? $v : $referer;
        }
        $lastArr = array_diff($pidArr, array_filter(array_unique(array_map(function ($item) {
            return $item['pid'];
        }, $ruleList))));
        foreach ($ruleList as $index => $item) {
            if (in_array($item['id'], $lastArr)) {
                unset($ruleList[$index]);
            }
        }
        if ($selected == $referer) {
            $referer = [];
        }
        $selected && $selected['url'] = url($selected['url']);
        $referer && $referer['url'] = url($referer['url']);

        $select_id = $selected ? $selected['id'] : 0;
        $menu = $nav = '';


        if (Config::get('fastadmin.multiplenav')) {
            $topList = [];
            foreach ($ruleList as $index => $item) {
                if (!$item['pid']) {
                    $topList[] = $item;
                }
            }
            $selectParentIds = [];
            $tree = Tree::instance();
            $tree->init($ruleList);
            if ($select_id) {
                $selectParentIds = $tree->getParentsIds($select_id, true);
            }
            foreach ($topList as $index => $item) {
                $childList = Tree::instance()->getTreeMenu(
                    $item['id'],
                    '<li class="@class" pid="@pid"><a href="@url@addtabs" addtabs="@id" url="@url" py="@py" pinyin="@pinyin"><i class="@icon"></i> <span>@title</span> <span class="pull-right-container">@caret @badge</span></a> @childlist</li>',
                    $select_id,
                    '',
                    'ul',
                    'class="treeview-menu"'
                );
                $current = in_array($item['id'], $selectParentIds);
                $url = $childList ? 'javascript:;' : url($item['url']);
                $addtabs = $childList || !$url ? "" : (stripos($url, "?") !== false ? "&" : "?") . "ref=addtabs";
                $childList = str_replace(
                    '" pid="' . $item['id'] . '"',
                    ' ' . ($current ? '' : 'hidden') . '" pid="' . $item['id'] . '"',
                    $childList
                );
                $nav .= '<li class="' . ($current ? 'active' : '') . '"><a href="' . $url . $addtabs . '" addtabs="' . $item['id'] . '" url="' . $url . '"><i class="' . $item['icon'] . '"></i> <span>' . $item['title'] . '</span> <span class="pull-right-container"> </span></a> </li>';
                $menu .= $childList;
            }
        } else {
            // 构造菜单数据
            Tree::instance()->init($ruleList);
            $menu = Tree::instance()->getTreeMenu(
                0,
                '<li class="@class"><a href="@url@addtabs" addtabs="@id" url="@url" py="@py" pinyin="@pinyin"><i class="@icon"></i> <span>@title</span> <span class="pull-right-container">@caret @badge</span></a> @childlist</li>',
                $select_id,
                '',
                'ul',
                'class="treeview-menu"'
            );
            if ($selected) {
                $nav .= '<li role="presentation" id="tab_' . $selected['id'] . '" class="' . ($referer ? '' : 'active') . '"><a href="#con_' . $selected['id'] . '" node-id="' . $selected['id'] . '" aria-controls="' . $selected['id'] . '" role="tab" data-toggle="tab"><i class="' . $selected['icon'] . ' fa-fw"></i> <span>' . $selected['title'] . '</span> </a></li>';
            }
            if ($referer) {
                $nav .= '<li role="presentation" id="tab_' . $referer['id'] . '" class="active"><a href="#con_' . $referer['id'] . '" node-id="' . $referer['id'] . '" aria-controls="' . $referer['id'] . '" role="tab" data-toggle="tab"><i class="' . $referer['icon'] . ' fa-fw"></i> <span>' . $referer['title'] . '</span> </a> <i class="close-tab fa fa-remove"></i></li>';
            }
        }

        return [$menu, $nav, $selected, $referer];
    }

    /**
     * 设置错误信息
     *
     * @param string $error 错误信息
     * @return Auth
     */
    public function setError($error)
    {
        $this->_error = $error;
        return $this;
    }

    /**
     * 获取错误信息
     * @return string
     */
    public function getError()
    {
        return $this->_error ? __($this->_error) : '';
    }
}
